Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks

Authors

  • Seungyong Moon, Seoul National University
  • Gaon An, Seoul National University
  • Hyun Oh Song, Seoul National University; DeepMetrics

DOI:

https://doi.org/10.1609/aaai.v36i7.20751

Keywords:

Machine Learning (ML), Computer Vision (CV)

Abstract

Deep neural networks have become the driving force of modern image recognition systems. However, the vulnerability of neural networks against adversarial attacks poses a serious threat to the people affected by these systems. In this paper, we focus on a real-world threat model where a Man-in-the-Middle adversary maliciously intercepts and perturbs images web users upload online. This type of attack can raise severe ethical concerns on top of simple performance degradation. To prevent this attack, we devise a novel bi-level optimization algorithm that finds points in the vicinity of natural images that are robust to adversarial perturbations. Experiments on CIFAR-10 and ImageNet show our method can effectively robustify natural images within the given modification budget. We also show the proposed method can improve robustness when jointly used with randomized smoothing.

Published

2022-06-28

How to Cite

Moon, S., An, G., & Song, H. O. (2022). Preemptive Image Robustification for Protecting Users against Man-in-the-Middle Adversarial Attacks. Proceedings of the AAAI Conference on Artificial Intelligence, 36(7), 7823-7830. https://doi.org/10.1609/aaai.v36i7.20751

Section

AAAI Technical Track on Machine Learning II